Rubbish.... That's a home user..... Close all ports because you provide no service.....

Now start talking real world..... Start thinking about _required_ open ports and then continue the discussion......

I'm not discussing anything apperently, with required open ports, same story you can just "download" a different firewall script

also that's not all me post said, I was refering to the defender kind of scriptkiddies... they exist as well as the attacking kind and they don't belong in the discussion on the high up there corporate stuff with required open ports and blah

July 3rd, 2005, 05:04 PM

¤The¤SpeŠialist

I can sure see that there is alot of brain waves flowing through this discussion.

July 3rd, 2005, 07:38 PM

gauravijay

talk of balls and brains!
the attacker who says he has balls does not actually have them, coz he fears being caught,
the defender does not have the balls either, so many times he has nightmares someone might be in his pie,
both only have brains,
it depends on which side of the line u are,
coz every day someone crosses the line and joins the opposite party!
both are equal!

July 3rd, 2005, 08:08 PM

The Grunt

Quote:

Originally posted here by ¤The¤SpeŠialist I can sure see that there is alot of brain waves flowing through this discussion.

Yeah, they're all leaving...

July 3rd, 2005, 09:02 PM

Spyder32

Quote:

I can sure see that there is alot of brain waves flowing through this discussion.

I wonder why :rolleyes:

July 3rd, 2005, 10:12 PM

tenzenryu

Quote:

Originally posted here by Tedob1 Consider that allot of PoC and exploit code is written by "defenders" and that most of the "attackers" use other peoples code.

CDATA [...]

BTW which do you consider yourself?

1st statement has a lot of validity. Basically, there are a few originals, probably of equal skill on both sides, and the rest of us are playing catch up like Alice trying to keep up with the White Queen.

I don't know if the question was directed against me but the only appropriate answer is

:p

July 4th, 2005, 12:04 AM

crashburn181

Defence takes more skill.. I takes more knowlage and power to protect something. Weather it be a network or a single computer. Your one person agaist the world. Even the best defenders can be beat by crackers. Securing a system takes not only talent it also takes a bit of artistry..

July 4th, 2005, 12:09 AM

Spyder32

Quote:

Defence takes more skill.. I takes more knowlage and power to protect something. Weather it be a network or a single computer. Your one person agaist the world. Even the best defenders can be beat by crackers. Securing a system takes not only talent it also takes a bit of artistry..

Co-sign and an excellent point. It is one person against an entire world of people. People who are capable of anything and people who eventually one of them will be smarter/skilled than you are. Thus, that one person has more to bare with and deal with. Excellent point, crashburn181.

July 4th, 2005, 12:53 AM

neel

so it's the defender against the rest of the world... so a defender should be as smart as 6 billion people to even out the situation... if defenders have to be that smart, and yer not gonne tell me they are, why the hell do they often succeed with 1/6 billion th of that smartness... can't be all that hard defending a computer then...

July 4th, 2005, 03:57 AM

The3ntropy

This is more of a philosophical poll then I think was originally intended. When asking does it take more skill to attack or defend it will depend upon the level of complexity at which you are considering the situation. Is it easy to install a firewall? Yes. Is it easy to scan for, and use ready made scripts to exploit known vulnerabilities? Yes.

However, to become very good at either end of the spectrum you must know a great deal about the other. You cannot learn how to attack a system without anticipating what its defenses are, likewise while defending a system, you must be able to predict what type of attack will come.

To finally state my opinion, it takes the same amount of knowledge and "skill" because the two professions both require the same exact knowledge of both securing and attacking the same systems.

Proove me wrong, tell me an example where an attacker can have zero knowledge of the system he is up against and still be successful attacking, or where a defender can not have any knowledge what or how his system will be attacked, while still be able to defend it.